Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
google tensorflow 2.7.0 vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2022-23564
Tensorflow is an Open Source Machine Learning Framework. When decoding a resource handle tensor from protobuf, a TensorFlow process can encounter cases where a `CHECK` assertion is invalidated based on user controlled arguments. This allows malicious users to cause denial of serv...
Google Tensorflow
Google Tensorflow 2.7.0
4
CVSSv2
CVE-2022-23577
Tensorflow is an Open Source Machine Learning Framework. The implementation of `GetInitOp` is vulnerable to a crash caused by dereferencing a null pointer. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and...
Google Tensorflow
Google Tensorflow 2.7.0
4
CVSSv2
CVE-2022-23585
Tensorflow is an Open Source Machine Learning Framework. When decoding PNG images TensorFlow can produce a memory leak if the image is invalid. After calling `png::CommonInitDecode(..., &decode)`, the `decode` value contains allocated buffers which can only be freed by callin...
Google Tensorflow
Google Tensorflow 2.7.0
2.1
CVSSv2
CVE-2021-41207
TensorFlow is an open source platform for machine learning. In affected versions the implementation of `ParallelConcat` misses some input validation and can produce a division by 0. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2....
Google Tensorflow
Google Tensorflow 2.7.0
2.1
CVSSv2
CVE-2021-41227
TensorFlow is an open source platform for machine learning. In affected versions the `ImmutableConst` operation in TensorFlow can be tricked into reading arbitrary memory contents. This is because the `tstring` TensorFlow string class has a special case for memory mapped strings ...
Google Tensorflow
Google Tensorflow 2.7.0
5.5
CVSSv2
CVE-2022-21730
Tensorflow is an Open Source Machine Learning Framework. The implementation of `FractionalAvgPoolGrad` does not consider cases where the input tensors are invalid allowing an malicious user to read from outside of bounds of heap. The fix will be included in TensorFlow 2.8.0. We w...
Google Tensorflow
Google Tensorflow 2.7.0
4
CVSSv2
CVE-2022-23595
Tensorflow is an Open Source Machine Learning Framework. When building an XLA compilation cache, if default settings are used, TensorFlow triggers a null pointer dereference. In the default scenario, all devices are allowed, so `flr->config_proto` is `nullptr`. The fix will be...
Google Tensorflow
Google Tensorflow 2.7.0
4
CVSSv2
CVE-2022-21725
Tensorflow is an Open Source Machine Learning Framework. The estimator for the cost of some convolution operations can be made to execute a division by 0. The function fails to check that the stride argument is strictly positive. Hence, the fix is to add a check for the stride ar...
Google Tensorflow
Google Tensorflow 2.7.0
5.5
CVSSv2
CVE-2022-21728
Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `ReverseSequence` does not fully validate the value of `batch_dim` and can result in a heap OOB read. There is a check to make sure the value of `batch_dim` does not go over the ran...
Google Tensorflow
Google Tensorflow 2.7.0
4
CVSSv2
CVE-2022-21729
Tensorflow is an Open Source Machine Learning Framework. The implementation of `UnravelIndex` is vulnerable to a division by zero caused by an integer overflow bug. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2...
Google Tensorflow
Google Tensorflow 2.7.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
hard-coded
CVE-2024-27202
NULL pointer dereference
CVE-2024-28075
CVE-2024-33608
CVE-2024-28889
CVE-2024-34572
template injection
CVE-2024-34351
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »